Information Security Analyst overseeing security tools and incident responses. Engaging in corporate security initiatives within a technological framework.
About the role
- Senior Cybersecurity Analyst ensuring CMMC Level 2 compliance for a defense contractor. Collaborating with IT teams to secure environments and maintain documentation for assessments.
Responsibilities
- Lead CMMC readiness assessments, map controls to NIST SP 800-171 and DFARS requirements, and maintain compliance documentation (SSP, POA&M).
- Oversee enterprise security policies, standards, and procedures, ensuring alignment with federal and industry regulations.
- Collaborate with IT and DevOps teams to implement secure configurations across workstations, servers, CI/CD pipelines, and cloud environments.
- Conduct risk assessments, vulnerability scans, and threat mitigation; lead incident response and remediation efforts.
- Serve as SME during audits and assessments, coordinating evidence collection and responses.
- Integrate security into projects and operations while delivering training and awareness programs across the organization.
- Stay current on CMMC updates, DoD guidance, and best practices for compliance.
- This position may require occasional travel when needed.
- Must be able to obtain and maintain a US DOD Security Clearance.
Requirements
- Bachelor’s Degree in Cybersecurity, Information Systems, or related field (or equivalent experience).
- 7+ years of hands-on cybersecurity experience, including implementation of security controls in small to mid-size environments.
- Prior experience with CMMC 2.0, NIST SP 800-171, and DFARS compliance.
- Extensive experience working with IT systems used in software engineering environments, including Windows and Linux workstations, Active Directory, Azure, and M365.
- Experience writing and maintaining clear, audit-ready documentation (SSP, POA&M, policies, procedures).
- Experience supporting DoD contracts or working within the Defense Industrial Base (DIB).
- Familiarity with Microsoft Purview, Defender for Cloud, and other M365 compliance tools.
- Experience with vulnerability management, configuration management, and secure system baselining.
- Certifications such as CMMC Certified Professional (CCP), Security+, CISSP, or CISA.
- Excellent communication and collaboration skills for cross-functional team environments.
Benefits
- Salary: $130,000 - $164,000 (Depends on Experience)
- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (401k, IRA)
- Life Insurance (Basic, Voluntary & AD&D)
- Paid Time Off (Vacation, Sick & Public Holidays)
- Hybrid work schedule
- Summer 9/80 Work Schedule
- Family Leave (Maternity, Paternity)
- Short Term & Long Term Disability
- Training & Development
- Work From Home
- Free Food & Snacks
- Wellness Resources
- Stock Option Plan
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Cyber Security Analyst role supporting USAF Cloud One Architecture and common shared services contract. Involves compliance monitoring, incident response, and collaboration with cybersecurity teams.
Senior Cyber Security Analyst at GDIT identifying and mitigating cyber threats while ensuring compliance with NIST and ISO standards. Involves oversight of security controls and enterprise risk assessments.
Junior Information Security Analyst focusing on identity and access management at Evertec. Supporting operational activities and collaborating with IT and security teams in a hybrid setting.
Senior Cybersecurity Engineer at 3CON responsible for detection and response engineering in Brazilian pharmaceutical retail. Collaborating with teams and improving security controls continuously.
Lead Security Analyst managing operational guidance and analytical oversight for security across crisis regions. Collaborating for timely decision - making and information delivery to clients in the field.
Analista de Segurança da Informação na Minsait investigando e respondendo a incidentes de segurança. Envolvimento em gestão de vulnerabilidades e boas práticas de segurança.
Senior Security Analyst providing advanced cybersecurity services in Stockholm and Malmö. Monitoring environments and handling incidents while collaborating with clients to ensure cybersecurity resilience.
Staff Cybersecurity Analyst focusing on cloud security for Southern Glazer’s. Leading security assessments, managing incidents, and collaborating with teams to enhance security posture.
Analyst supporting Nuclear Cyber Security program at Duke Energy. Addressing cyber security threats and managing compliance across multiple nuclear operations.